Chapter 9: Protecting Your SQL Server from Attack


Microsoft Exam Objectives Covered in this Chapter:

  • Optimize a database control strategy to meet business requirements.

    • Verify that database change control procedures are being followed.

    • Identify all database objects related to a particular deployment.

  • Perform a security audit of the existing security infrastructure based on the security plan.

    • Analyze the physical server security.

    • Compare the existing security infrastructure to business and regulatory requirements.

    • Identify variations from the security design.

  • Prepare for and respond to threats and attacks.

    • Prepare for and respond to SQL Server injection attacks.

    • Prepare for and respond to denial-of-service attacks that are specific to SQL Server.

    • Prepare for and respond to virus and worm attacks that are specific to SQL Server.

    • Prepare for and respond to internal attacks that are specific to SQL Server.

For a DBA, it is useful to be able to set up a database server, configure it for an application, tune queries, and ensure an efficiently operating environment; however, failing to implement strong security measures can result in loss of data, financial penalties, or even the end of your company. Security is a critical part of any environment these days: in our extremely connected world, computers on one side of the world can easily reach your servers in any other part of the world.

Today’s DBA needs to maintain vigilant security, even with firewalls and other network access controls in place, because of the wide variety of attacks that seem to circumvent this line of defense. SQL injection, cross-site scripting, and other unknown future attacks require that your security model encompass every part of your systems. In addition, you must prepare for internal attacks, even inadvertent ones such as deploying unsafe code on your servers.

In this chapter, we will discuss how you can maintain security on your servers. We will cover both server-level and user-level security strategies for ensuring that only authorized users can access your databases and only authorized changes are allowed.



MCITP Administrator. Microsoft SQL Server 2005 Optimization and Maintenance Study Guide (70-444)
ISBN: 0470127457
EAN: 2147483647
Year: 2004
Pages: 146
